NHS Proactively Engages Suppliers to Enhance Cybersecurity Resilience
Summary
The UK’s National Health Service (NHS) is advancing a multi-stakeholder cyber resilience strategy, with the National Cyber Security Centre (NCSC) detailing an 18-month coordinated plan to strengthen defences across the sector. The plan includes piloting Active Cyber Defence 2.0 tools, enhancing software supply chain security via the Software Security Code of Practice, and integrating threat intelligence and vulnerability disclosure processes. The NHS continues to engage suppliers on cybersecurity controls while promoting technical measures such as passkeys, External Attack Surface Management, and sector-wide threat hunting workshops. This effort builds on the January 2026 NHS open letter to suppliers demanding improved cybersecurity standards and follows historic incidents like the 2017 WannaCry attack and the 2024 Synnovis ransomware incident, which disrupted operations and resulted in patient harm.
Timeline
23.01.2026 16:37 · 2 articles
NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers
On January 22, 2026, the NHS issued an open letter to suppliers demanding improved cybersecurity standards to combat persistent ransomware threats. The letter outlines the NHS's plans to engage directly with suppliers to discuss key cybersecurity controls and potential risks to patient care and operational continuity. The NHS also provided specific expectations for health and social care bodies to enhance their cybersecurity resilience. The NCSC subsequently outlined a coordinated 18-month plan to improve NHS cyber resilience, including Active Cyber Defence (ACD) 2.0 piloting, supply chain security enhancements via the Software Security Code of Practice, and integration of threat intelligence and vulnerability disclosure processes such as the NCSC Early Warning service and the Vulnerability Reporting Service (VRS). The plan also promotes technical measures like passkey adoption, External Attack Surface Management, and sector-wide Threat Hunting Workshops.
Sources:
- NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers — www.infosecurity-magazine.com — 23.01.2026 16:37
- NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
Information Snippets
- The NHS issued an open letter on January 22, 2026, to suppliers demanding improved cybersecurity standards.
  First reported: 23.01.2026 16:37 · 1 source, 2 articles
  - NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers — www.infosecurity-magazine.com — 23.01.2026 16:37
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- The move follows a voluntary cybersecurity supply chain charter issued by NHS England and the Department of Health and Social Care (DHSC).
  First reported: 23.01.2026 16:37 · 1 source, 2 articles
  - NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers — www.infosecurity-magazine.com — 23.01.2026 16:37
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- The NHS plans to engage directly with suppliers to discuss key cybersecurity controls and potential supply chain risks.
  First reported: 23.01.2026 16:37 · 1 source, 2 articles
  - NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers — www.infosecurity-magazine.com — 23.01.2026 16:37
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- The letter emphasizes collaboration and proportionate remediation activities rather than audits or pass/fail exercises.
  First reported: 23.01.2026 16:37 · 1 source, 2 articles
  - NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers — www.infosecurity-magazine.com — 23.01.2026 16:37
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- The NHS outlined expectations for health and social care bodies to enhance cybersecurity resilience, including patching systems, applying MFA, and ensuring effective monitoring and backups.
  First reported: 23.01.2026 16:37 · 1 source, 2 articles
  - NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers — www.infosecurity-magazine.com — 23.01.2026 16:37
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- The NCSC outlined a coordinated 18-month plan to improve NHS cyber resilience, including Active Cyber Defence (ACD) 2.0 piloting, supply chain security enhancements, and threat intelligence sharing.
  First reported: 20.04.2026 12:30 · 1 source, 1 article
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- The NCSC highlighted the use of the government’s Software Security Code of Practice in NHS procurement to assess supplier cyber maturity.
  First reported: 20.04.2026 12:30 · 1 source, 1 article
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- The NCSC partnered with a healthcare organization to prioritize supplier risk using data science tools, with plans to expand this initiative by integrating NCSC Early Warning service data.
  First reported: 20.04.2026 12:30 · 1 source, 1 article
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- The NCSC helped NHS England, NHS Business Services Authority, and NHS Scotland establish internal vulnerability disclosure processes, complementing its Vulnerability Reporting Service (VRS) active since 2019.
  First reported: 20.04.2026 12:30 · 1 source, 1 article
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- The NHS App became the first government-sponsored app to offer passkeys, with further adoption planned.
  First reported: 20.04.2026 12:30 · 1 source, 1 article
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
- NCSC-led initiatives included External Attack Surface Management (EASM), deception technology experiments, DNS risk analytics, and Threat Hunting Workshops across the NHS sector.
  First reported: 20.04.2026 12:30 · 1 source, 1 article
  - NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience — www.infosecurity-magazine.com — 20.04.2026 12:30
Similar Happenings
NCSC Pilot Project Identifies Barriers and Risks in Cyber Deception
The UK's National Cyber Security Centre (NCSC) has shared findings from a pilot project under the Active Cyber Defence (ACD) 2.0 program, involving 121 organizations and 14 cyber-deception solution providers. The project aims to establish an evidence base for cyber deception use cases at a national scale. Key findings include challenges in generating outcome-based metrics, inconsistent terminology, a guidance gap, risks of improper tool configuration, and the strategic advantage of not advertising deception tools. The NCSC plans to deploy thousands of deception solutions across various environments to improve national resilience by imposing costs on adversaries.
UK NCSC Reports Significant Increase in Nationally Significant Cyber Incidents
The UK’s National Cyber Security Centre (NCSC) reported 204 nationally significant cyber incidents between September 2024 and August 2025, a 130% increase from the previous year. Recent high-profile attacks on Marks & Spencer, the Co-op Group, and Jaguar Land Rover highlighted the real-world impact of cyber threats. The NCSC emphasized the need for urgent action from business leaders to enhance cybersecurity defenses. The NCSC's 2025 Annual Review included a letter from the CEO of the Co-op Group, emphasizing the responsibility of senior leaders in protecting their businesses. The NCSC launched the Cyber Action Toolkit to help small organizations improve their cyber defenses. Additionally, the NCSC issued an alert to critical national infrastructure (CNI) providers about severe cyber threats targeting CNI, following coordinated cyber-attacks on Poland's energy infrastructure in December. NCSC CEO Richard Horne warned that SMEs are wrong to assume they won't be targeted by cyber-attacks and urged them to adopt Cyber Essentials certification to protect against common cybersecurity threats.
NCSC Urges UK Organizations to Enhance Observability and Threat Hunting
The UK National Cyber Security Centre (NCSC) has called for improved observability and threat hunting across UK organizations to bolster national cyber resilience. The NCSC's CTO, Ollie Whitehouse, highlighted significant variation in capabilities and emphasized the interdependence of observability and threat hunting. Effective threat hunting requires comprehensive visibility into all aspects of an organization's IT environment, including networks, devices, applications, and cloud services. The NCSC provided guidance on improving observability and threat hunting, including maximizing visibility, encouraging vendor compliance with monitoring guidelines, and moving beyond traditional indicators of compromise (IOCs) to focus on tactics, techniques, and procedures (TTPs).